main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 11 | all | asterisk | < 1:1.6.2.0~dfsg~rc1-1 | asterisk_1:1.6.2.0~dfsg~rc1-1_all.deb |
Debian | 10 | all | asterisk | < 1:1.6.2.0~dfsg~rc1-1 | asterisk_1:1.6.2.0~dfsg~rc1-1_all.deb |
Debian | 999 | all | asterisk | < 1:1.6.2.0~dfsg~rc1-1 | asterisk_1:1.6.2.0~dfsg~rc1-1_all.deb |